For those who do not already know, the "24 hours" reference in this series of books does not actually mean "by this time tomorrow." Nor does the "21 days" reference in a similar series of books mean "by this day three weeks hence." Instead, these books offer 24 one-hour exercises, or 21 exercises that shouldn't take more than a day to finish. The exercises range from nothing but an introductory discussion about the topic to actually arriving at a solution to a typical task.

CGI (Common Gateway Interface) is an essential component that is necessary to process data submitted by Web site visitors who filled in form fields. But CGI is the component that isn't as visible as are the other components, and cannot be readily understood without making practical use of these other components in order to see how the CGI component fits in. As an analogy, one cannot understand the purpose of a nut and bolt without studying the entire constructed unit and how it all works. From that perspective, we can then realize the services that nuts and bolts provide.

CGI is more like a process than a thing. It is that which accepts and prepares the data passed to it, activates a program to process the data, and delivers generated output. The data typically comes from Web page forms while in a Web site environment, but from the perspective of a properly written CGI program, the input could come from any designated source.

One of the problems CGI solves is that the data needs to be pre-processed into a format compatible with the native data structure of the program called to process it. The data is then processed according to instructions written in any of several languages, Perl being the most common. Output generated is wrapped inside an envelope, that is, post-processed, in a format suitable for the specified destination. Again, in a Web site environment, that envelope is all the necessary stuff a Web browser needs to know (but which you rarely, if ever, see) in order to properly render the Web page.

The Teach Yourself CGI in 24 Hours lessons use, for the most part, the Apache web server running on a Unix-type operating system, with Perl as the programming language. Everything here (except the computer hardware) is free. There is a list of resources where one can get free Perl programs as well. The author, Rafe Colburn, is acutely aware of Microsoft's presence in this field, so several lessons are oriented toward, or include mention of, other servers such as IIS, operating systems such as NT, and programming languages such as ASP/VBS.

Part I has the reader discover the what and why of CGI, the components necessary, and a smattering of Perl programming (just to get your feet wet). Part II has the reader discovering the where of CGI, namely, what a Web page form is, what to do with the data and how to validate it (pre-validate with Javascript or post-validate with Perl), and then use these fundamentals to create an e-mail feedback form.

Part III discusses the alternate programming languages, and Part IV leads the reader through several real-world applications: data storage, message board, session management (cookies), a shopping cart, and content publishing. Finally, at about the half-way point, the book gets to projects that show what CGI really is. Again, it's not the actual Web server, programming language, nor operating system. It's more the process of taking in data from some type of source, doing something with it, and then creating an output of some sort. And, again, for the most part, it's Web page data and Perl.

Part V explains common database technologies and how to interface with them. The project used to develop an understanding of database access is an online catalogue. Part VI wraps up the effort with discussions on a few of the extraneous details one may wish to explore: manipulation of the HTTP headers, security, custom error documents, and a thing called "server side includes." SSI's are files of commonly- and repetitively-used code, whether it be programming code or HTML code, that are inserted at indicated locations within the main file prior to execution and processing.

Overall, for a book with only 24 lessons meant to be completed in an hour each, there is much time and space wasted with preliminary understanding. Not that that's a bad thing. It's necessary. It's just that the 24 lessons are therefore going to be simple and straightforward and so cannot possibly cover many of the permutations someone who is actually going to publish a CGI application might come across.

The "21 days" book might or might not. The price of this book gives an indication as to the seriousness and depth of the subject covered. If you are considering going the CGI route to publishing an application, this book is an excellent way to get familiar with the concepts and try a few lightweight solutions. Once you have made up your mind, you will be needing deep-depth books on the server platform, the programming language and the database of your choice. Not to mention HTML.

Teach Yourself CGI in 24 Hours
Rafe Colburn
[500 pages, $24.95]
Sams Publishing, 2000
ISBN: 0-672-31880-6

"Tales of Digital Crime from the Shadows of Cyberspace." Well...yes and no. Yes, the book by Richard Power explores crimes where computers were used and criminals who used computers to commit those crimes, but no, these are not mystery or detective stories. This tedious book is more the retelling of important events, with a more complete set of the facts than you may have known, of computer mischief and mayhem.

For example, the Melissa virus inflicted heavy damage to corporate and military computer centers. Powers lists rumors leaked to certain individuals from underground contacts, lays out news articles and points out what they got right and what they got wrong, discusses interviews with computer security officials both major and minor, lists police reports in unexpurgated detail, covers damage assessments that only accountants could appreciate, and gives executive summarizations of who did what to improve computer security should this happen in the future. Fiction this book most definitely is not. Nor does it contain dramatizations. Cold, hard, dry-as-bone facts make up these "case studies."

Tangled Web might be interesting as a collection of case studies to those who strive to be IT department managers or directors-those who "wannabe" the people in charge. These are the head honchos who have to make these decisions: whether the cost of tightening security is worth the potential loss of time and data due to lack of that security; which employees to trust and just how far that trust can go; how to develop methods of accountability; and determine if releasing reports of "incidents" makes good business sense.

For the everyday, computer-using public, there is nothing in Tangled Web that would apply: personal firewalls to thwart unwanted intrusion (and what would you have that would be so enticing, anyway), virus detection programs to scan e-mail attachments, backup programs and schedules to restore a system crash, and the covert methods banner ads use to track your surfing habits. You will need to look elsewhere for that.

Tangled Web: Tales of Digital Crime from the Shadows of Cyberspace
Richard Power
[425 pages, $25.00 hardback]
Que Corporation, 2000
ISBN: 0-7897-2443-X